Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
marshadow2020-12-02 08:47:10
Information Security
marshadow, 2020-12-02 08:47:10

How can iframe injection be used?

I found an iframe injection in a pretty serious site with a lot of users. I can only insert an iframe element of a certain size with any link. What can be done?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
C
CityCat4, 2020-12-03
@marshadow

Nothing if the site does not have a clearly described bugbounty program. Otherwise, even the most harmless action can lead to very unpleasant consequences, especially if this is a site of your country - they will blame everything on you and also provide logs.

Report
D
datka, 2020-12-02
@datka

Read the legislation.

Report
D
Dmitry, 2020-12-02
@Dit81

If the site does not participate in bugbounty, then it's better not to promote it ... Otherwise, it's worth reading about "iframe injection" and XSS.

Similar questions
K
Khiza2021-12-17 10:03:56
Can a telegram channel be hijacked through a Termux parser? 1Reply
I
IsaevDev2016-05-21 21:01:59
Is it possible to store private user data in text files instead of a database? 3Reply
J
janraev2018-10-22 15:57:02
Why is the password not "sensitive" to the language? 4Reply
V
vinescope2014-04-03 13:59:00
How to get variable from php file from browser string? 3Reply
D
dollar2018-10-24 08:06:16
Can a CSS file contain malicious code? 6Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question